Step 1: Create the Task
Execution IAM Role

Amazon ECS needs permissions so that your Fargate task can store logs in
CloudWatch. These permissions are covered by the task execution IAM role. For more
information, see Amazon ECS Task Execution IAM Role.

To create the task execution IAM role using the AWS CLI

Create a file named task-execution-assume-role.json
with the following contents:

Step 2: Configure the Amazon ECS
CLI

The Amazon ECS CLI requires credentials in order to make API requests on your behalf.
It can pull credentials from environment variables, an AWS profile, or an Amazon ECS
profile. For more information, see Configuring the Amazon ECS CLI.

To create an Amazon ECS CLI configuration

Create a cluster configuration, which defines the AWS region to use,
resource creation prefixes, and the cluster name to use with the Amazon ECS
CLI:

If this is the first time that you are configuring the Amazon ECS CLI,
these configurations are marked as default. If this is not your first
time configuring the Amazon ECS CLI, see the Amazon ECS Command Line
Reference in the Amazon Elastic Container Service Developer Guide to set
this as the default configuration and profile.

Step 3: Create a Cluster and
Security Group

To create an ECS cluster and security group

Create an Amazon ECS cluster with the ecs-cli up command.
Because you specified Fargate as your default launch type in
the cluster configuration, this command creates an empty cluster and a VPC
configured with two public subnets.

ecs-cli up

Note

This command may take a few minutes to complete as your resources are
created. Take note of the VPC and subnet IDs that are created as they
are used later.

Using the AWS CLI, create a security group using the VPC ID from the
previous output:

Here is the compose file, which you can name
docker-compose.yml. The wordpress container
exposes port 80 for inbound traffic to the web server. It also configures container
logs to go to the CloudWatch log group created earlier. This is the recommended best
practice for Fargate tasks.

In addition to the Docker compose information, there are some parameters specific
to Amazon ECS that you must specify for the service. Using the VPC, subnet, and security
group IDs from the previous step, create a file named
ecs-params.yml with the following content:

Step 5: Deploy the Compose
File to a Cluster

After you create the compose file, you can deploy it to your cluster with
ecs-cli compose service up. By default, the command looks for
files called docker-compose.yml and
ecs-params.yml in the current directory; you can specify a
different docker compose file with the --file option, and a different
ECS Params file with the --ecs-params option. By default, the resources
created by this command have the current directory in their titles, but you can
override that with the --project-name option. The
--create-log-groups option creates the CloudWatch log groups for the
container logs.

In the above example, you can see the wordpress container from your
compose file, and also the IP address and port of the web server. If you point your
web browser at that address, you should see the WordPress installation wizard. Also
in the output is the task-id value for the container. Copy the task ID
as you use it in the next step.

Step 9: Clean Up

When you are done with this tutorial, you should clean up your resources so they
do not incur any more charges. First, delete the service so that it stops the
existing containers and does not try to run any more tasks.